Nearly 6.5 million LinkedIn user passwords were posted online on a Russian hackers' website.
Apparently, although the password data was encrypted, it was posted as a challenge for others to try to decrypt. It has been reported that 300,000 of these have been cracked already, with the rest presumably due to be revealed soon.
Users are urged to change their passwords on the service, and also to change them on any other services where they use the same password. The site has around 160 million users, with 9 million in the UK, so not all accounts were leaked in this incident.
Be wary of LinkedIn emails
LinkedIn has said that they are disabling the passwords of those users affected and sending out emails to customers with instructions to reset their password. Of course, any hacker knowing this might want to send out their own fake password reset emails and get the new passwords as well, so on no account click on a link in a LinkedIn email, and be very careful to check you are looking at the official site when you change your password.
According to travel website TravelMole, some of their users have already started getting fake LinkedIn emails linking to a Viagra website, so be on guard for similar tactics.
The incident once again highlights that security is a constant battle and that encryption can be broken, especially when, as in this case, there is so much encrypted data to study and find patterns in.
It probably didn't take too long to find all the users that use the password 'password'.
What does your password say about you?
Already the Daily Mail is reporting stories of what your password says about you, with examples of users with passwords such as 'hopeless', 'ihatemyjob' and even 'killmenow'.
We highly recommend LastPass as a better way to store and manage your passwords, and they have a tool to check the strength of your LinkedIn password and see if that password was among those leaked. Note that by this they mean that your password was among those leaked, not necessarily your account details, so, depending on how secure your password is, the odds are high. Users of passwords like 'linkedin' and 'fluffy' need not check; just change your password.